
Two-factor authentication


New in version 4.8.0.


Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be used when logging in. To use this, you first need to configure the phpMyAdmin configuration storage. Once this is done, every user can opt in to the second authentication factor in the Settings.


When running phpMyAdmin from the Git source repository, the dependencies must be installed manually; the typical way of doing so is with the command:

composer require pragmarx/google2fa-qrcode

Or when using a hardware security key with FIDO U2F:

composer require samyoul/u2f-php-server

Authentication Application (2FA)


Using an application for authentication is a fairly common approach based on HOTP and TOTP. It works by transmitting a private key from phpMyAdmin to the authentication application, which is then able to generate one-time codes based on this key. The easiest way to enter the key into the application from phpMyAdmin is by scanning a QR code.


There are dozens of applications available for mobile phones that implement these standards; the most widely used include:


Hardware Security Key (FIDO U2F)


Using hardware tokens is considered to be more secure than a software-based solution. phpMyAdmin supports FIDO U2F tokens.


There are several manufacturers of these tokens, for example:


Simple two-factor authentication


This authentication is included for testing and demonstration purposes only, as it does not really provide two-factor authentication; it just asks the user to confirm the login by clicking a button.


It should not be used in production and is disabled unless $cfg['DBG']['simple2fa'] is set.
